Ciprianmp: >> Phpmychat-Plus Security Vulnerabilities
phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmc_username.
CVSS Score
9.3
EPSS Score
0.01
Published
2020-02-18
phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable.
CVSS Score
6.1
EPSS Score
0.574
Published
2019-12-20